BenchmarksStack Ranking
H33-128H33-CKKSH33-256H33-BFV32H33-FHE-IQFHE OverviewZK LookupsBiometricsH33-3-KeyH33-MPCPQC ArchitecturePQ VideoStorage EncryptionAI DetectionEncrypted Search
APIsPricingTokenDocsWhite PaperBlogAboutSecurity Demo
Log InGet API Key

H33 API Documentation

The complete post-quantum authentication API. FHE biometrics, ZK proofs, quantum signatures, blockchain attestation. All in one platform, at 2,648 microseconds.

Base URL: https://api.h33.ai/v1 108 Patent Claims Pending v2.0 - February 2026
Crypto API Reference
Complete reference for Dilithium, Kyber, BFV, CKKS, H33 ZKP Stark Lookup, and MPC endpoints.
View Crypto API Reference

Quick Start

Get started in 3 steps

1
Get API Key
Sign up for free trial (1,000 auths/mo)
2
Install SDK
SDK coming soon
3
Make First Call
Full post-quantum auth in one line
JavaScript
import { H33 } from '@h33/client'; const h33 = new H33('h33_live_xxx'); // Full post-quantum auth: ~1.36ms const result = await h33.auth.fullStack({ userId: 'user_123', biometric: faceData, mode: 'h33' // 1.36ms, NIST L1 }); console.log(result); // { // match: true, // confidence: 0.9847, // zkProof: "0x...", // quantumSignature: "0x...", // blockchainTx: "5KtP...", // latency: "218µs" // }

Authentication

All API requests require authentication using your API key in the Authorization header.

HTTP Header
Authorization: Bearer h33_live_xxxxxxxxxxxxxxxxxxxx
ℹ️
API Key Types
h33_live_* - Production keys, full access
h33_test_* - Test keys, sandbox environment (no auths consumed)

Key Management

API keys can be created, rotated, and revoked from your dashboard. We recommend:

  • Using different keys for different environments
  • Rotating keys every 90 days
  • Never committing keys to version control

Pricing & Usage

H33 uses per-auth pricing with included monthly auths. Annual plans get 2 months free (~17% off).

Starter
$349/mo
5,000 auths/mo
Pro
$899/mo
15,000 auths/mo
Business
$2,499/mo
50,000 auths/mo
Growth
$6,999/mo
175,000 auths/mo
🎁
Free Tier
1,000 auths/mo • All security levels • Full API access

Security Level Surcharges

Higher security levels add a per-auth surcharge:

Tier Surcharge Latency Description
H0 ⚠️ 1 356µs Dev/testing only (~57-bit)
H1 3 ~480µs Lightweight FHE (~86-bit)
H2 ✓ 4 removed Full FHE, deep circuits (NIST L1)
H33 ⭐ 10 1.36ms Zero exposure flagship (NIST L1)
H-256 ✓ 25 5.98ms NIST L5 + k-of-n threshold

KYC / Identity (Fixed Pricing)

Service Price Includes
KYC Basic + SBT $49 ID, Selfie, Liveness, Soulbound NFT
KYC Enhanced + SBT $79 + Proof of Address verification
AML/PEP Screening $19 Sanctions, PEP, Adverse Media
Full Bundle $99 KYC + AML + Soulbound NFT

Full Stack Auth

The flagship endpoint

One API call: biometric + FHE + ZK proof + quantum signature + blockchain. Session resume in 50µs.

1.17ms
Full Auth
42µs
Resume
420µs
Latency
POST /auth/full-stack PATENT PENDING

Complete post-quantum authentication in a single call. Combines FHE-encrypted biometric matching, zero-knowledge proof generation, quantum-resistant signature, and blockchain attestation.

1.17ms
H33 Latency
420µs
H33 Latency
99.7%
Accuracy
7 layers
Security

Request Body

Parameter Type Required Description
userId string Required Unique identifier for the user
biometric object Required Biometric data (face, voice, or fingerprint)
biometric.type string Required "face" | "voice" | "fingerprint"
biometric.data string Required Base64-encoded biometric data
mode string Optional "h0" (dev only ~57-bit) | "h1" (fast non-NIST) | "h2" (NIST L1) | "h33" (1.36ms NIST L1, default) | "h-256" (5.98ms NIST L5)
zkClaims object Optional Additional claims to include in ZK proof
blockchain object Optional Blockchain attestation options

Example Request

cURL
curl -X POST https://api.h33.ai/v1/auth/full-stack \ -H "Authorization: Bearer h33_live_xxx" \ -H "Content-Type: application/json" \ -d '{ "userId": "user_123", "biometric": { "type": "face", "data": "base64_encoded_face_data..." }, "mode": "q2", "zkClaims": { "ageOver": 18, "country": "US" }, "blockchain": { "network": "solana", "mintSbt": true } }'

Example Response

JSON
{ "success": true, "match": true, "confidence": 0.9847, "zkProof": { "proof": "0x1a2b3c...", "publicInputs": ["0x..."], "verificationKey": "0x..." }, "quantumSignature": { "algorithm": "dilithium3", "signature": "0x4d5e6f...", "publicKey": "0x..." }, "blockchain": { "network": "solana", "txHash": "5KtPn...", "sbtMint": "H33sbt..." }, "metadata": { "latency": "218µs", "mode": "q2" } }

Biometric Enroll

POST /biometric/enroll

Enroll a new biometric template. The template is encrypted using FHE before storage — we never see or store raw biometric data. Accepts base64-encoded images or pre-extracted float32 embedding vectors.

~200µs
Enroll Time
4 types
Face, Voice, Fingerprint, Iris
3 adapters
ArcFace, SpeechBrain, SourceAFIS

Request Body

Parameter Type Required Description
userId string Required Unique identifier for the user
biometric object Optional Biometric data to enroll (use this OR embedding)
biometric.type string Required "face" | "voice" | "fingerprint" | "iris"
biometric.data string Optional Base64-encoded biometric image/audio
embedding number[] Optional Pre-extracted float32 embedding vector. 512-D (face), 192-D (voice), 256-D (fingerprint), 1024-D (iris). Use instead of biometric.data when sending model output directly.
adapter string Optional "arcface" | "speechbrain" | "sourceafis" — auto-validates dimension, checks for NaN, and L2-normalizes. See SDK Guide
mode string Optional "q-dev" | "q2" | "q-256"
JavaScript — Base64 Image
const enrollment = await h33.biometric.enroll({ userId: 'user_123', biometric: { type: 'face', data: faceImageBase64 }, mode: 'h33' }); // { enrollmentId: "enr_xxx", templateHash: "0x...", status: "active" }
JavaScript — Embedding Vector (Recommended)
// Extract embedding with your model (ArcFace, NEC, Cognitec, etc.) const embedding = await arcface.extract(faceImage); // 512-D float32 const enrollment = await h33.biometric.enroll({ userId: 'user_123', embedding: Array.from(embedding), biometricType: 'face', adapter: 'arcface' // Validates: 512-D, finite, L2 norm in [0.9, 1.1] }); // { enrollmentId: "enr_xxx", templateHash: "0x...", status: "active" }
📘
Biometric SDK Integration Guide
Complete setup guides for ArcFace, SpeechBrain, and SourceAFIS with Python and Rust examples. View SDK Guide →

Biometric Verify

POST /biometric/verify POPULAR

Verify a biometric sample against an enrolled template. Matching is performed entirely on encrypted data using FHE — the raw biometric never leaves your device. Accepts base64 images or pre-extracted embedding vectors.

~42µs
Per Auth (batched)
1.595M/sec
At Scale
99.7%
Accuracy

Request Body

Parameter Type Required Description
userId string Required User to verify against enrolled template
embedding number[] Optional Pre-extracted float32 embedding vector. Use instead of biometric.data.
biometric object Optional Biometric data (use this OR embedding)
adapter string Optional "arcface" | "speechbrain" | "sourceafis" — auto-validates and normalizes
JavaScript — Embedding Vector
const probe = await arcface.extract(liveFaceImage); // 512-D float32 const result = await h33.biometric.verify({ userId: 'user_123', embedding: Array.from(probe), adapter: 'arcface' }); // { match: true, similarity: 0.9847, latency: "48µs", proof: "0xabc...", attestation: "dilithium:..." }

Liveness Session

POST /biometric/liveness-session ANTI-SPOOFING

Create a challenge-response anti-spoofing session. Returns challenges (blink, head turn, speech phrase) that the user must complete before biometric verification proceeds. Detects photo attacks, replays, deepfakes, and synthetic media.

21
Attack Types Detected
6+4
Face + Voice Detectors
30s
Session Timeout

Request Body

Parameter Type Required Description
biometricType string Required "face" | "voice"
riskLevel string Optional "low" | "medium" | "high" — controls number and difficulty of challenges. Default: "medium"
JavaScript
const session = await h33.biometric.createLivenessSession({ biometricType: 'face', riskLevel: 'high' }); // { // sessionId: "sess_8f2a...c41b", // challenges: [ // { type: "blink", instruction: "Blink twice", timeLimit: 5000 }, // { type: "head_turn", instruction: "Turn head left", timeLimit: 5000 }, // { type: "expression", instruction: "Smile", timeLimit: 5000 } // ], // expiresAt: "2026-02-23T16:30:00Z" // }

Verify + Liveness

POST /biometric/verify-with-liveness ANTI-SPOOFING

Liveness check first, then FHE biometric verification. If the liveness check fails (spoofing detected), the FHE verification is never executed — no compute wasted on attacks. Returns both liveness result and verification result.

~42µs
Per Auth (batched)
21
Attack Types Blocked
99.7%
Accuracy

Request Body

Parameter Type Required Description
userId string Required User to verify against enrolled template
embedding number[] Required Pre-extracted float32 embedding vector
sessionId string Required Liveness session ID from /biometric/liveness-session
capture object Required Biometric capture data for liveness analysis
capture.faceFrames object[] Optional Array of face frames with timestamps, landmarks, and frame hashes
capture.voiceSegments object[] Optional Array of voice segments with audio features and spectral data
capture.challengeResults object[] Optional Completed challenge-response results from the liveness session
JavaScript
// 1. Create liveness session const session = await h33.biometric.createLivenessSession({ biometricType: 'face' }); // 2. Capture face frames + complete challenges (client-side) const capture = await collectBiometricCapture(session.challenges); // 3. Extract embedding const embedding = await arcface.extract(liveFaceImage); // 4. Verify with liveness const result = await h33.biometric.verifyWithLiveness({ userId: 'user_123', embedding: Array.from(embedding), sessionId: session.sessionId, capture: capture }); // { // livenessResult: { passed: true, score: 0.97, attacks: [] }, // verificationResult: { match: true, similarity: 0.9847, latency: "48µs" }, // attestation: "dilithium:0xabc..." // }
🛡️
Anti-Spoofing Detections
Face: Texture analysis, depth estimation, blink detection, movement patterns, moiré detection, micro-expression analysis
Voice: Replay detection, synthetic speech, frequency analysis, environmental consistency
Deepfake: GAN artifact detection, temporal coherence, challenge-response verification

Unenroll (Delete)

DELETE /biometric/unenroll COMPLIANCE

Cryptographically delete an enrolled biometric template. The BFV ciphertext is destroyed and a Dilithium-signed deletion receipt is returned as proof of destruction. Satisfies BIPA 15(a), GDPR Article 17, CCPA 1798.105.

<1ms
Deletion Time
Dilithium
Signed Receipt
3 Laws
BIPA + GDPR + CCPA

Request Body

Parameter Type Required Description
userId string Required User whose template to delete
enrollmentId string Optional Specific enrollment to delete. If omitted, deletes all enrollments for user.
JavaScript
const deletion = await h33.biometric.unenroll({ userId: 'user_123' }); // { // deleted: true, // userId: "user_123", // templatesDeleted: 1, // deletionReceipt: { // digest: "sha3-256:0xf8a2...b741", // signature: "dilithium:0x9c3e...a215", // timestamp: "2026-02-23T16:30:00Z" // } // }
⚖️
Compliance
The Dilithium-signed deletion receipt serves as cryptographic proof of destruction for regulatory audits. BIPA · GDPR Art 17 · CCPA 1798.105

FHE Encryption

POST /fhe/encrypt

Encrypt data using Fully Homomorphic Encryption. Encrypted data can be processed without decryption, enabling privacy-preserving computation.

150µs
Encrypt Latency

FHE Modes

Mode Latency Parameter N Use Case
H0 356µs N=1,024 Dev/testing only (~57-bit)
H1 ~480µs N=2,048 Fast non-NIST (~85-bit)
H2 removed N=4,096 Deep circuits (128-bit NIST L1)
H33 1.36ms N=4,096 Production default (128-bit NIST L1)
H-256 5.98ms N=16,384 Max security (256-bit NIST L5)
JavaScript
const encrypted = await h33.fhe.encrypt({ data: sensitiveData, mode: 'h33' // 1.36ms, NIST L1, scheme: 'bfv' // or 'ckks' for floating point }); // { ciphertext: "0x...", publicKey: "0x...", metadata: {...} }

FHE Compute

POST /fhe/compute

Perform computations on encrypted data. Supports addition, multiplication, comparison, and custom operations without ever decrypting.

JavaScript
// Compare encrypted biometric templates const result = await h33.fhe.compute({ operation: 'euclidean_distance', inputs: [encryptedTemplate1, encryptedTemplate2], mode: 'h33' // 1.36ms, NIST L1 }); // Result is still encrypted - decrypt on client side

Zero-Knowledge Proofs

POST /zkp/prove

Generate a zero-knowledge proof. Prove statements about your data without revealing the data itself. Uses H33 ZKP STARK Lookup — SHA3-256 hash, post-quantum safe, no trusted setup.

1.17ms
Cached Circuit
~1ms
Prove Time

Supported Proof Types

Scheme Proof Size Verify Time Notes
H33 ZKP Stark Lookup (Production) 105 bytes 2.09ns (cached) Production auth ZK. STARK Lookup, SHA3-256 hash, PQ-safe
KZG ~200 bytes ~3ms Biometric ZKP commitment scheme
IPA ~1KB ~10ms No trusted setup, biometric ZKP
JavaScript
// Prove user is over 18 without revealing DOB const proof = await h33.zkp.prove({ circuit: 'age_verification', privateInputs: { dateOfBirth: '1990-05-15' }, publicInputs: { minAge: 18, currentDate: '2026-01-26' }, scheme: 'stark' }); // { proof: "0x...", publicInputs: [...], verified: true }
POST /zkp/verify

Verify a zero-knowledge proof. Returns true if the proof is valid for the given public inputs and verification key.

~3ms
Verify Time
~3ms
Verify Time
JavaScript
const isValid = await h33.zkp.verify({ proof: proofFromUser, publicInputs: expectedPublicInputs, verificationKey: circuitVK }); // { valid: true, timestamp: "2026-01-26T..." }

Quantum Signatures

NIST FIPS 203/204 compliant post-quantum digital signatures. Resistant to attacks from both classical and quantum computers.

🔐
Algorithms Supported
CRYSTALS-Dilithium - Primary (FIPS 204)
CRYSTALS-Kyber - Key encapsulation (FIPS 203)
POST /quantum/sign

Sign data using a quantum-resistant algorithm. Default: Dilithium3 (NIST security Level 3).

45µs
Sign Time
36.9µs
Verify Time
JavaScript
// Generate quantum-resistant key pair const keys = await h33.quantum.generateKeyPair({ algorithm: 'dilithium3' }); // Sign data const signature = await h33.quantum.sign({ data: messageToSign, privateKey: keys.privateKey, algorithm: 'dilithium3' }); // Verify signature const valid = await h33.quantum.verify({ data: messageToSign, signature: signature, publicKey: keys.publicKey });

Blockchain Attestation

POST /blockchain/attest

Create an immutable attestation record on Solana. Perfect for audit trails, compliance records, and tamper-proof logging.

~400ms
Confirmation
JavaScript
const attestation = await h33.blockchain.attest({ data: { userId: 'user_123', action: 'kyc_verified', timestamp: Date.now() }, network: 'solana', compress: true // ZK-compressed (5000x less expensive) }); // { txHash: "5KtPn...", slot: 123456789, explorer: "https://..." }
POST /blockchain/mint-sbt

Mint a Soulbound Token (non-transferable NFT) representing verified identity credentials. Included with KYC packages.

JavaScript
const sbt = await h33.blockchain.mintSbt({ userId: 'user_123', walletAddress: 'Gh9ZwE...', credentials: { kycLevel: 'enhanced', verifiedAt: '2026-01-26', expiresAt: '2027-01-26' } }); // { mint: "H33sbt...", metadata: "https://...", txHash: "..." }

KYC Verification

POST /kyc/verify

Complete KYC verification with FHE-encrypted biometrics, ZK proofs, and blockchain attestation. Includes Soulbound NFT minting.

Pricing

Package Price Includes
KYC Basic + SBT $49 ID + Selfie + Liveness + Soulbound NFT
KYC Enhanced + SBT $79 Basic + Proof of Address
Full Bundle $99 Enhanced KYC + AML + Soulbound NFT
JavaScript
const kyc = await h33.kyc.verify({ userId: 'user_123', package: 'full_bundle', // $99 documents: { idFront: idFrontBase64, idBack: idBackBase64, selfie: selfieBase64, proofOfAddress: pobBase64 }, walletAddress: 'Gh9ZwE...' // For SBT mint }); // { // status: "verified", // level: "enhanced", // amlClear: true, // zkProof: "0x...", // sbtMint: "H33sbt..." // }

Continuous Authentication

WS /auth/continuous PATENT PENDING

Real-time continuous authentication using multi-modal behavioral biometrics. LSTM-based temporal modeling of keystroke, mouse, face, and voice patterns.

99.2%
Attack Detection
94.7%
User Accuracy
4 modalities
Fusion
JavaScript
const session = await h33.auth.continuousSession({ userId: 'user_123', modalities: ['keystroke', 'mouse', 'face'], sensitivity: 'high' }); // Stream behavioral data session.on('keystroke', (event) => { session.send({ type: 'keystroke', ...event }); }); // Receive confidence updates session.on('confidence', ({ score, anomaly }) => { if (score < 0.7) triggerReauth(); });

Invisible Authentication

POST /auth/invisible PATENT PENDING

Zero-transmission authentication. No codes displayed on screen. Authentication keys are hardware-secured and never transmitted over the network.

⚠️
Requires Client SDK
Invisible auth requires the H33 client SDK with secure enclave access (iOS Secure Enclave, Android StrongBox, or TPM).
JavaScript
// Initialize invisible auth (one-time setup) const registration = await h33.auth.invisibleRegister({ userId: 'user_123', deviceId: deviceFingerprint }); // Authenticate (no visible codes) const auth = await h33.auth.invisible({ userId: 'user_123', challenge: serverChallenge }); // { authenticated: true, zkProof: "0x...", timestamp: ... }

Estate Fraud Detection

POST /fraud/estate/analyze PATENT PENDING

Detect behavioral anomalies indicating potential estate fraud. Analyzes shifts from deceased user baselines and detects beneficiary collusion patterns. Generates court-admissible evidence packages.

JavaScript
const analysis = await h33.fraud.estateAnalyze({ accountId: 'account_123', deceasedUserId: 'user_456', suspectedActivity: recentTransactions, generateEvidence: true }); // { // fraudProbability: 0.94, // behavioralShift: { magnitude: 0.87, indicators: [...] }, // collusionDetected: true, // evidencePackage: { hash: "0x...", courtAdmissible: true } // }

Bundled Services

High-performance bundled endpoints using h33_fhe and h33_stark internally—our fastest, most secure implementations.

Auth Complete

Full authentication flow in a single call. Biometric + FHE + ZK proof + quantum signature.

1.36ms
Latency
1 auth
Per Call
POST /h33/auth/complete NEW

Complete authentication in one call. Uses h33_fhe for encryption and h33_stark for proof generation. Returns verified identity with quantum-resistant signatures.

Request Body

JSON
{ "user_id": "user_123", "biometric": "base64_encoded_data", "options": { "include_zk_proof": true, "include_signature": true } }

Response

JSON
{ "success": true, "verified": true, "confidence": 0.9847, "zk_proof": "...", "signature": "...", "latency_us": 220 }

Encrypt and Prove

POST /h33/encrypt-and-prove NEW

FHE encryption with ZK proof in one call. Encrypts data using h33_fhe and generates a H33 ZKP STARK Lookup proof of correct encryption. 2.0µs (async) prove, 2.09ns (cached) verify, 105-byte proof.

180µs
Latency
h33_fhe
Encryption
h33_stark
Proof

Request Body

JSON
{ "plaintext": "data_to_encrypt", "public_key": "...", "proof_type": "stark" }

Response

JSON
{ "ciphertext": "...", "proof": "...", "proof_valid": true, "latency_us": 180 }

Secure Compute

POST /h33/secure-compute NEW

FHE computation with correctness proof. Performs operations on encrypted data and generates a H33 ZKP Stark Lookup proof that the computation was performed correctly.

250µs
Latency
Verifiable
Computation

Request Body

JSON
{ "operation": "add", "ciphertext_a": "...", "ciphertext_b": "...", "generate_proof": true }

Response

JSON
{ "result": "...", "correctness_proof": "...", "proof_verified": true, "latency_us": 250 }

Key Ceremony

POST /h33/key-ceremony NEW

Multi-party key generation ceremony. Securely generates shared keys across multiple participants using MPC protocols with quantum-resistant algorithms.

500µs
Per Party
N-of-M
Threshold

Request Body

JSON
{ "ceremony_id": "ceremony_abc123", "participants": 5, "threshold": 3, "algorithm": "dilithium" }

Response

JSON
{ "ceremony_id": "ceremony_abc123", "status": "initialized", "public_key": "...", "participant_shares": ["..."], "latency_us": 2500 }

SDK Initialization

POST /h33/sdk/init NEW

Initialize the H33 SDK with your configuration. Returns optimized settings and pre-computed parameters for subsequent API calls.

Request Body

JSON
{ "api_key": "h33_live_xxx", "environment": "production", "features": ["fhe", "zkp", "quantum"] }

Response

JSON
{ "initialized": true, "session_id": "sess_xxx", "endpoints": { "auth": "/h33/auth/complete", "encrypt": "/h33/encrypt-and-prove", "compute": "/h33/secure-compute" }, "units_remaining": 10000 }

Bundled Status

GET /h33/bundled/status NEW

Health check for bundled services. Returns status of h33_fhe, h33_stark, and all bundled endpoint availability.

Response

JSON
{ "status": "healthy", "services": { "h33_fhe": "operational", "h33_stark": "operational", "auth_complete": "operational", "encrypt_prove": "operational", "secure_compute": "operational", "key_ceremony": "operational" }, "latency_p99_us": 320, "uptime": "99.99%" }

Error Codes

All API errors return a consistent JSON structure with an error code and message.

Error Response
{ "error": { "code": "QUOTA_EXCEEDED", "message": "Monthly auth quota exceeded", "details": { "used": 5000, "limit": 5000 } } }
Code HTTP Description
INVALID_API_KEY 401 API key is missing, invalid, or revoked
QUOTA_EXCEEDED 429 Monthly auth quota exceeded
INVALID_BIOMETRIC 400 Biometric data is malformed or unreadable
USER_NOT_ENROLLED 404 No biometric template found for user
VERIFICATION_FAILED 200 Biometric match failed (not an error)
LIVENESS_FAILED 403 Anti-spoofing liveness check failed
SPOOFING_DETECTED 403 Spoofing attack detected (photo, replay, deepfake)
SESSION_EXPIRED 410 Liveness session expired — create a new session
ADAPTER_VALIDATION_FAILED 400 Embedding failed adapter validation (wrong dimension, NaN, zero vector, L2 norm out of range)
CIRCUIT_NOT_FOUND 404 ZK circuit ID not found
PROOF_INVALID 400 ZK proof verification failed
BLOCKCHAIN_ERROR 502 Blockchain network error

SDKs & Libraries

Official client libraries with TypeScript definitions, async/await support, and automatic retries.

Installation
# Python pip install h33 # Go go get github.com/h33-ai/h33-go # Rust cargo add h33 # React Native npm install @h33/react-native

SDK Features

  • Full TypeScript definitions
  • Automatic retry with exponential backoff
  • Request/response logging
  • Webhook signature verification
  • Secure enclave integration (mobile)
  • Biometric capture helpers
  • Biometric SDK Integration Guide → ArcFace, SpeechBrain, SourceAFIS adapters
Verify It Yourself